Evidence of meeting #30 for Public Safety and National Security in the 42nd Parliament, 1st Session. (The original version is on Parliament’s site, as are the minutes.) The winning word was c-51.

On the agenda

MPs speaking

Also speaking

John West  As an Individual
Alnoor Gova  As an Individual
Jamie May  As an Individual
Barbara Taylor  As an Individual
Jesse Schooff  As an Individual
Laura Tribe  As an Individual
Maria Pazmino  As an Individual
Joshua Paterson  As an Individual
Judy Hanazawa  As an Individual
Joey Bowser  As an Individual
John Taylor  As an Individual
Maurice Mills  As an Individual
Brian Sproule  As an Individual
Michael Burnside  As an Individual
Kathryne Ayres  As an Individual
Stephen Ellis  As an Individual
Letchumanapihai Pathmayohan  As an Individual
Robert Feher  As an Individual
Minah Lee  As an Individual
Joseph Theriault  As an Individual
Rukshana Homi  As an Individual
Kathy Shimizu  As an Individual

5:55 p.m.

Liberal

Pam Damoff Liberal Oakville North—Burlington, ON

Thank you for coming out tonight and I know you sat through our meeting all afternoon as well—

5:55 p.m.

As an Individual

Barbara Taylor

As a concerned citizen.

5:55 p.m.

Liberal

Pam Damoff Liberal Oakville North—Burlington, ON

—and I want to thank you for your passion and for your interest. if you have ideas on how our national security framework could work better, please submit them to our committee. We'd be very interested. I realize three minutes isn't a very long time, but you heard us asking witnesses this afternoon as well for further information, so please give us your ideas. You obviously have some.

5:55 p.m.

As an Individual

Barbara Taylor

Thank you.

5:55 p.m.

Liberal

The Chair Liberal Rob Oliphant

That gives me the opportunity to remind you that anybody may submit a written brief by going to the Parliament of Canada website and looking for our public safety and national security committee and clicking on the “submit” button and it will take you through the steps so you can submit that.

I don't know whether we can put in digital tapes of people singing or not, but Ms. Taylor, you've raised the bar a bit now on future submissions to our committee.

Thank you.

The next one is Jesse Schooff.

6 p.m.

Jesse Schooff As an Individual

Hello, my name is Jesse Schooff. I'm a blogger. I volunteer with OpenMedia and I've also worked as the IT manager of a small company for the last decade.

I'm here today because I'm troubled by many aspects of the anti-terrorism act of 2016, which we call Bill C-51. But the main reason I'm here today to speak is because as an IT professional I'm concerned, and in some ways terrified, by some of the language in the online Canadian security consultations, which I know are not directly related to this committee. But the question was: How can law enforcement and national security agencies reduce the effectiveness of encryption for individuals and organizations involved in crime or threats to the security of Canada, yet not limit the beneficial uses of encryption to those not involved in illegal activities?

The short answer is you can't. The long answer would require more time than would be polite for me to take today, but I can explain by way of analogy. A few years ago the Transportation Security Administration in the United Stated decided that they needed to be able to open passengers' luggage at will without cutting off and thus destroying their luggage locks. The TSA partnered with lock and luggage manufacturers and worked with them to create a TSA master key that could open any lock. It wasn't long before someone created a 3-D printable model of the TSA master key that could be downloaded, distributed on the Internet, and printed, allowing anyone, including criminals, to open any TSA-approved lock.

When we talk about weakening encryption or creating a back door that only the good guys can access, what we're really talking about is deliberately putting bugs into our software. Any IT security expert or computer scientist will tell you that when there's a bug in software, hackers work hard to find that bug and exploit it. Encryption is not just a feature that makes it safe for us to use our credit card on eBay or that keeps racy instant messages private, encryption keeps our data infrastructure safe from hackers, criminals, and even terrorists. Encryption is the brick and mortar that allows enterprise IT to exist.

If government weakens or backdoors encryption, I can say without hyperbole that we put the entirety of our technology infrastructure at serious risk.

Thank you for your time.

6 p.m.

Liberal

The Chair Liberal Rob Oliphant

I'm going to have a question too, but you go ahead, first.

6 p.m.

Liberal

Pam Damoff Liberal Oakville North—Burlington, ON

Thank you very much for coming forward and certainly the whole encryption thing has come up here.

I also sit on the status of women committee and we're looking at cyber-violence.

If you put that hat on for a moment, and look at the question of encryption in terms of tracking down people who are committing cyber-violence against young women and girls, the police and victims have told us that's one of the issues in why they haven't been able to track down these people.

They are criminals, regardless of whether they're committing terror or whether they're committing cyber-violence. I'm wondering, how do you balance that, and how do you deal with issues of encryption when you're talking about people who are committing crime and not being able to track them down?

6 p.m.

As an Individual

Jesse Schooff

Thank you. That's a very good question.

What you're talking about concerns me too, immensely. I consider myself a feminist. Cases like that of Amanda Todd for example—

6 p.m.

Liberal

Pam Damoff Liberal Oakville North—Burlington, ON

We had Carol Todd, Amanda's mum, as one if our witnesses.

6 p.m.

As an Individual

Jesse Schooff

Wanting does not make it so. Encryption is computer science, it's mathematics, and it is a thing that is either secure from end to end or it has vulnerability built into it. We could mandate that our software has to have back doors built into it, but once again, people will immediately start looking for how they exploit the back door to steal credit card information, to spy on people, to commit all sorts of cybercrime. Any time there is a bug in software that allows people to do something they're not allowed to do, it's immediately exploited.

I wish I had a better answer for you than that, but I don't.

6:05 p.m.

Liberal

Pam Damoff Liberal Oakville North—Burlington, ON

Can you make any suggestions in a digital world on ways to maintain the privacy or integrity that you're talking about, but also to allow law enforcement to be able to use tools to be able to track down criminals?

6:05 p.m.

As an Individual

Jesse Schooff

I'm a systems administrator. I'm not the greatest computer security expert that you could talk to on the matter.

Security personnel and law enforcement will either have to rely on brute force using their own hacking methodologies to try to intercept information they're interested in or build in vulnerabilities by design.

6:05 p.m.

Liberal

Pam Damoff Liberal Oakville North—Burlington, ON

That's the part that's not effective, from what you said.

6:05 p.m.

As an Individual

Jesse Schooff

From my standpoint, that would be very dangerous.

6:05 p.m.

Liberal

The Chair Liberal Rob Oliphant

Mr. Miller, you're next.

6:05 p.m.

Conservative

Larry Miller Conservative Bruce—Grey—Owen Sound, ON

I have to admit I don't understand your chat about encryption at all. I'm not an IT specialist. You said you weren't, but you obviously know a lot more about it than I do. I think it would be helpful to continue what Pam was on.

Any information that you or experts in this that you know of could send to the committee that we could read to help us better understand it would be very helpful for me, Mr. Chair.

6:05 p.m.

Liberal

The Chair Liberal Rob Oliphant

I want to echo those comments. This will be a big thing. I'm not sure we're going to get into it as much in this study. One of the things we're doing on this tour is trying to look at the scope of everything we need to do to see the modules of later studies we're going to do, the whole concept of security in a digital world.

What came to me as you were speaking was, we've tended to think of encryption like cracking code in World War II. If you could crack the code then you could figure out what the bad guys were doing. We're framing it in terms of having a non-digital answer in a digital world, and we have to have a whole new way of thinking about it. The way you've framed it is very helpful for me. You have to build that bug into the encryption, and if you build it in, you give the bad guys a way to get in. I think that's very helpful for our committee to hear. We're not going to give you a satisfying answer on that tonight, but rest assured, that's the kind of thing our committee is listening to. We'll be back to you.

6:05 p.m.

As an Individual

Jesse Schooff

I can leave this with you if you like.

6:05 p.m.

Liberal

The Chair Liberal Rob Oliphant

Leave it. OpenMedia has been in touch with our committee, so we'll be working on this, I suspect, for the rest of our digital lives.

Laura Tribe is next.

October 17th, 2016 / 6:05 p.m.

Laura Tribe As an Individual

Good evening.

My name is Laura Tribe. I am the executive director of OpenMedia. As some of you know—I've heard that some of you have already heard from us—we are a digital rights organization that works to keep the Internet open, affordable, and surveillance-free.

Since Bill C-51 was first announced, we've been campaigning alongside many other groups, initially to stop Bill C-51, and now to get it fully repealed. Over the past 20 months, we have seen over 300,000 Canadians speak up against this reckless, dangerous, and ineffective legislation. OpenMedia has set out our detailed concerns about Bill C-51 and many other threats to Canada's digital privacy, including encryption—thank you, Jesse—at saveoursecurity.ca. It's a tool that we've built to encourage as many Canadians as possible to take part in the government's security consultations and ensure that our charter rights are protected.

Our calls for how the government must respect privacy and free expression online are fully outlined in our platform, and we will submit them via written comments to make sure that you get them in full detail, but we do invite you and everyone here to visit saveoursecurity.ca to see our written comments in full.

Tonight, we have three main asks for you, our elected representatives on the committee. The first is to make sure that Bill C-51 gets completely repealed—now. I cannot stress enough how urgent this is. Every single day this legislation remains on the books, innocent Canadians continue to be treated as criminals. Our privacy and security are compromised, and our charter rights are violated. As one of our community members told us recently, repeal it completely, and do it now. If the Liberal government believes some sort of bill is needed, then write a new bill from scratch only after a thorough consultation with legal experts and citizens to ensure Canadian rights and freedoms are preserved.

Second, we ask you to implement strong privacy rules to keep us safe from surveillance. I have here with me, and will leave with you, a copy of “Canada's Privacy Plan”, a positive vision for privacy that we crowdsourced with the help of over 125,000 Canadians. This plan calls for an end to warrantless access to our personal information, a stop to mass surveillance of innocent people—a practice that, just earlier today, the U.K.'s top surveillance court ruled as a breach of our human rights—and accountability, transparency, and oversight for security agencies.

Third, we are asking for a commitment to a transparent process for setting out the results of these consultations. You say you want the public to engage in these consultations, but we are not sure how we are being heard. To be frank, our community is very skeptical. This is particularly critical, given the alarm expressed by experts, including the Privacy Commissioner of Canada, about the skewed, one-sided way in which the government—not the committee—has framed many of these national security issues.

OpenMedia is built on crowdsourcing the voices of our community to find the best positive path forward. I believe in the power of community engagement, but we need a commitment that our voices will not be ignored. What assurances do we, the public, have that our voices are being heard and that this is not an exercise in futility? We will not accept “Trust us” as an answer. From Five Eyes information sharing to invasive StingRay cellphone surveillance, accidental privacy breaches, and backdoor encryption, we have consistently been shown that our digital information is too vulnerable to be left to just trust. More important, we shouldn't have to trust you. We should have laws to protect us and safeguards to prevent abuse. We need real transparency, accountability, and oversight.

On behalf of the OpenMedia community, I challenge you to truly listen to Canadians and save our security. Do not perpetuate a culture of fear. Protect our charter rights and values, and reimagine a world where all Canadians can use the Internet without fear of being watched.

As always, OpenMedia remains committed to delivering the voices of Canadians to our decision-makers. We have done so here today, and we look forward to discussing more with you in the future.

Thank you.

6:10 p.m.

Liberal

The Chair Liberal Rob Oliphant

Thank you.

Mr. Mendicino, go ahead.

6:10 p.m.

Liberal

Marco Mendicino Liberal Eglinton—Lawrence, ON

Thanks for your remarks.

While I don't want to just resort to saying that the proof we are listening is that we are here and I am taking copious notes, not just from what you said but from everybody else who has been up at the mike, I do want to address what I think is your second ask, namely oversight.

As somebody who appears to be studying the issue very closely, as a member of OpenMedia, you will have seen Bill C-22, which would create, for the first time ever, a committee of parliamentarians charged with oversight of the national security file. Hopefully, that is demonstrative of some progress and advancement in at least one of the areas you are concerned with.

6:10 p.m.

As an Individual

Laura Tribe

Yes, oversight is a great first step and it's great to see that some progress is being made on that, but the big concern we have is that Bill C-51 introduced so many additional problems that all that oversight is required. It's great to see that we're making progress, but all the while, Bill C-51 is still on the books. That's really the number one concern we're hearing from our community.

It's almost a year to the date since election day. We were told changes would happen. It's great to see that these consultations are taking place, and we asked for them a year ago. We wanted these consultations to happen. We want to be able to take the voices of the public and bring them to the people who make the decisions.

At the end of the day, we can say these things and that legislation is one part and a tiny piece of the puzzle, but it's really hard for us to go back to our community and assure them that it's still worth taking part in these consultations.

They are listening. What we're really looking for is a way to make sure that people know that this isn't just going on the record, but that these public proceedings will be disclosed to the public. How do they know what you have heard? How do they know that the decisions you make reflect the actual input you're getting from Canadians? A real concern we're hearing from our community is that this is an exercise in futility, and that it's already decided.

6:15 p.m.

NDP

Matthew Dubé NDP Beloeil—Chambly, QC

Chair, with all due respect to my colleague, could we refrain from getting into what borders on starting to justify things when we're talking about legislation?

I could just say to everyone who says they want to repeal Bill C-51 that I agree with them. That's not helpful at all to the process, given that we all represent different political points of view on this. It will be my pleasure to do that every time, but I think we should avoid that.